SECURITY ANALYSIS OF AUTHENTICATION SCHEMES IN M-COMMERCE BASED ON FUZZY COMPREHENSIVE EVALUATION

Rui Hua, Runtong Zhang, Dandan Li

Abstract

The openness and transformation mode of the mobile network poses a serious problem of information security in mobile commerce applications, and identity authentication is one of the main methods to solve the problem. Along with the development of mobile commerce, considerable attentions on various identity authentication schemes have been paid. However, there is still lack of a systematic and practical evaluation system to evaluate these schemes. In this paper, an indicators analysis system of mobile commerce by using the fuzzy inference approach is proposed to evaluate different mobile commerce identity authentication schemes. Comprehensive simulation and comparsion show that the proposed indicator analysis systesm is quantified and efficient.

References

  1. Minglei S, Chengxiang T, Haihang W. Mobile authentication scheme using SMS. 2009 IITA International Conference on Services Science, Management and Engineering, 2009: 161-164.
  2. Kwok-Yan L, Siu-Leung C, Ming G, Jia-Guang S. Lightweight security for mobile commerce transactions. Computer Communications, 2003, 26: 2052-2060.
  3. Neuman B, Ts'T. Kerberos: Authentication service for computer networks. IEEE Communication Magazine, 1994, 32(9): 33-38.
  4. Aloul F, Zahidi S, El-Hajj W. Two factor authentication using mobile phones, IEEE/ACS International Conference on Computer Systems and Applications, 2009, 5: 641-644.
  5. Oh HG, Kang SY, Seo JT, Lee IY, Moon J. Study on a safe and efficient mOTP (mobile-OTP) authentication mechanism for the mobile environment. Journal of Internet Technology, 2009, 10(5): 521-531.
  6. Soleymani B, Maheswaran M. Social Authentication Protocol for Mobile Phones. CSE' 09 International Conference on Computational Science and Engineering, 2009, 8: 436-441.
  7. Xuefei C, Xingwen Z, Weidong K, Liangbing H. Identity-based anonymous remote authentication for value-added services in mobile networks. Vehicular Technology, IEEE Transactions, 2009, 58(7): 3508-3517.
  8. Hai-yan Q. Compairing the inductive method and strand spaces for security protocol. Verification Journal of Computer Research and Development, 2008, 45(Suppl.): 137-142 (in Chinese).
  9. Javier Thayer Fdbrega F, Jonathan Hermg C, Joshua Guttman D. Strand spacers: Proving security protocols correct [J]. Journal of Computer Security, 1999, 7(2-3): 191-230.
  10. Burrows M, Abadi M, Needham R. A Logic of Authentication [J]. ACM Trans on Computer Systems, 1990, 8(1): 18-36.
  11. Lawrence Paulson C. The inductive approach to verifying cryptographic protocols. Journal of Computer Security, 1998, 6(2): 85-128.
  12. Wei L, Wenye W. On performance analysis of challenge/response based authentication in wireless networks. Computer Networks, 2005, 48: 267-288.
  13. Charlott E, Markus F, Ivar J. A criteria-based evaluation framework for authentication schemes in IMS. ARES 7809. International Conference on Availability, Reliability and Security, 2009, 3: 865-869.
  14. Patroklos Argyroudis G, Raja V, Hitesh T, Donal O'Mahony. Performance analysis of cryptographic protocols on handheld devices. Third IEEE International Symposium on Network Computing and Applications, 2004: 169 - 174.
  15. Vipul G, Sumit G, Sheueling C, Douglas S. Performance analysis of elliptic curve cryptography for SSL. ACM Workshop on Wireless Security, 2002: 87-94.
  16. Yong-bin Z, Zhen-feng Z, Guo-deng D. Analysis and Improvement of a Security-Provable Mutually Authenticated Key Agreement Protocol. Journal of Software, 2006,4(17): 868-875 (in Chinese).
  17. Zhi-qiang X, Jun G, Jing Y. Analysis and design of new S/KEY authorization solution. Computer engineering, 2009 35(5): 175-176, 193 (in Chinese).
  18. Kumar V.K.N. Mangipudi. New authentication and key agreement protocols for wireless applications [Graduate], North Dakota State University, 2005.
  19. You-qing G, Xiao-jun W, Xiao-yan D. Electronic commerce security technology. Beijing: Beijing university of posts an telecommunications press, 2005 (in Chinese).
  20. Jia-yuan L. Enaluation model based on status authentication system. Computer knowledge and technology, 2006, 7: 51-52, 57 (in Chinese).
  21. Ze-shui X, Zhen-jun Y. Tow algorithms for fuzzy synthetic judgment. Journal of PLA university of science and technology (Natural science edition), 2001, 2(4):5-8 (in Chinese).
  22. Yang M, Runtong Z, Qin W, New Authentication Scheme for M-Commerce Based on Two Dimension Bar Code. IEEE International Conference on Service Operations and Logistics, and Informatics, 2008: 1029-1034.
Download


Paper Citation


in Harvard Style

Hua R., Zhang R. and Li D. (2010). SECURITY ANALYSIS OF AUTHENTICATION SCHEMES IN M-COMMERCE BASED ON FUZZY COMPREHENSIVE EVALUATION . In Proceedings of the Twelfth International Conference on Informatics and Semiotics in Organisations - Volume 1: ICISO, ISBN 978-989-8425-26-3, pages 245-251. DOI: 10.5220/0003268402450251


in Bibtex Style

@conference{iciso10,
author={Rui Hua and Runtong Zhang and Dandan Li},
title={SECURITY ANALYSIS OF AUTHENTICATION SCHEMES IN M-COMMERCE BASED ON FUZZY COMPREHENSIVE EVALUATION },
booktitle={Proceedings of the Twelfth International Conference on Informatics and Semiotics in Organisations - Volume 1: ICISO,},
year={2010},
pages={245-251},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003268402450251},
isbn={978-989-8425-26-3},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Twelfth International Conference on Informatics and Semiotics in Organisations - Volume 1: ICISO,
TI - SECURITY ANALYSIS OF AUTHENTICATION SCHEMES IN M-COMMERCE BASED ON FUZZY COMPREHENSIVE EVALUATION
SN - 978-989-8425-26-3
AU - Hua R.
AU - Zhang R.
AU - Li D.
PY - 2010
SP - 245
EP - 251
DO - 10.5220/0003268402450251